/**
 * @file
 * LWIP HTTP server implementation
 */

/*
 * Copyright (c) 2001-2003 Swedish Institute of Computer Science.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modification,
 * are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright notice,
 *    this list of conditions and the following disclaimer in the documentation
 *    and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
 * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
 * OF SUCH DAMAGE.
 *
 * This file is part of the lwIP TCP/IP stack.
 *
 * Author: Adam Dunkels <adam@sics.se>
 *         Simon Goldschmidt
 *
 */

/**
 * @defgroup httpd HTTP server
 * @ingroup apps
 *
 * This httpd supports for a
 * rudimentary server-side-include facility which will replace tags of the form
 * <!--#tag--> in any file whose extension is .shtml, .shtm or .ssi with
 * strings provided by an include handler whose pointer is provided to the
 * module via function http_set_ssi_handler().
 * Additionally, a simple common
 * gateway interface (CGI) handling mechanism has been added to allow clients
 * to hook functions to particular request URIs.
 *
 * To enable SSI support, define label LWIP_HTTPD_SSI in lwipopts.h.
 * To enable CGI support, define label LWIP_HTTPD_CGI in lwipopts.h.
 *
 * By default, the server assumes that HTTP headers are already present in
 * each file stored in the file system.  By defining LWIP_HTTPD_DYNAMIC_HEADERS in
 * lwipopts.h, this behavior can be changed such that the server inserts the
 * headers automatically based on the extension of the file being served.  If
 * this mode is used, be careful to ensure that the file system image used
 * does not already contain the header information.
 *
 * File system images without headers can be created using the makefsfile
 * tool with the -h command line option.
 *
 *
 * Notes about valid SSI tags
 * --------------------------
 *
 * The following assumptions are made about tags used in SSI markers:
 *
 * 1. No tag may contain '-' or whitespace characters within the tag name.
 * 2. Whitespace is allowed between the tag leadin "<!--#" and the start of
 *    the tag name and between the tag name and the leadout string "-->".
 * 3. The maximum tag name length is LWIP_HTTPD_MAX_TAG_NAME_LEN, currently 8 characters.
 *
 * Notes on CGI usage
 * ------------------
 *
 * The simple CGI support offered here works with GET method requests only
 * and can handle up to 16 parameters encoded into the URI. The handler
 * function may not write directly to the HTTP output but must return a
 * filename that the HTTP server will send to the browser as a response to
 * the incoming CGI request.
 *
 *
 *
 * The list of supported file types is quite short, so if makefsdata complains
 * about an unknown extension, make sure to add it (and its doctype) to
 * the 'g_psHTTPHeaders' list.
 */
#include "lwip/init.h"
#include "lwip/apps/httpd.h"
#include "lwip/debug.h"
#include "lwip/stats.h"
#include "lwip/apps/fs.h"
#include "httpd_structs.h"
#include "lwip/def.h"
#include "lwip/ip.h"
#include "lwip/tcp.h"

#include <string.h> /* memset */
#include <stdlib.h> /* atoi */
#include <stdio.h>

#if LWIP_TCP && LWIP_CALLBACK_API

/** Minimum length for a valid HTTP/0.9 request: "GET /\r\n" -> 7 bytes */
#define MIN_REQ_LEN   7

#define CRLF "\r\n"
#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE
	#define HTTP11_CONNECTIONKEEPALIVE  "Connection: keep-alive"
	#define HTTP11_CONNECTIONKEEPALIVE2 "Connection: Keep-Alive"
#endif

/** These defines check whether tcp_write has to copy data or not */

/** This was TI's check whether to let TCP copy data or not
 * \#define HTTP_IS_DATA_VOLATILE(hs) ((hs->file < (char *)0x20000000) ? 0 : TCP_WRITE_FLAG_COPY)
 */
#ifndef HTTP_IS_DATA_VOLATILE
#if LWIP_HTTPD_SSI
/* Copy for SSI files, no copy for non-SSI files */
#define HTTP_IS_DATA_VOLATILE(hs)   ((hs)->ssi ? TCP_WRITE_FLAG_COPY : 0)
#else /* LWIP_HTTPD_SSI */
/** Default: don't copy if the data is sent from file-system directly */
#define HTTP_IS_DATA_VOLATILE(hs) (((hs->file != NULL) && (hs->handle != NULL) && (hs->file == \
                                   (const char*)hs->handle->data + hs->handle->len - hs->left)) \
                                   ? 0 : TCP_WRITE_FLAG_COPY)
#endif /* LWIP_HTTPD_SSI */
#endif

/** Default: headers are sent from ROM */
#ifndef HTTP_IS_HDR_VOLATILE
	#define HTTP_IS_HDR_VOLATILE(hs, ptr) 0
#endif

/* Return values for http_send_*() */
#define HTTP_DATA_TO_SEND_BREAK    2
#define HTTP_DATA_TO_SEND_CONTINUE 1
#define HTTP_NO_DATA_TO_SEND       0

typedef struct {
	const char* name;
	u8_t shtml;
} default_filename;

const default_filename g_psDefaultFilenames[] = {
	{"/index.shtml", 1 },
	{"/index.ssi",   1 },
	{"/index.shtm",  1 },
	{"/index.html",  0 },
	{"/index.htm",   0 }
};

#define NUM_DEFAULT_FILENAMES (sizeof(g_psDefaultFilenames) /   \
                               sizeof(default_filename))

#if LWIP_HTTPD_SUPPORT_REQUESTLIST
	/** HTTP request is copied here from pbufs for simple parsing */
	static char httpd_req_buf[LWIP_HTTPD_MAX_REQ_LENGTH + 1];
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */

#if LWIP_HTTPD_SUPPORT_POST
	#if LWIP_HTTPD_POST_MAX_RESPONSE_URI_LEN > LWIP_HTTPD_MAX_REQUEST_URI_LEN
		#define LWIP_HTTPD_URI_BUF_LEN LWIP_HTTPD_POST_MAX_RESPONSE_URI_LEN
	#endif
#endif
#ifndef LWIP_HTTPD_URI_BUF_LEN
	#define LWIP_HTTPD_URI_BUF_LEN LWIP_HTTPD_MAX_REQUEST_URI_LEN
#endif
#if LWIP_HTTPD_URI_BUF_LEN
	/* Filename for response file to send when POST is finished or
	* search for default files when a directory is requested. */
	static char http_uri_buf[LWIP_HTTPD_URI_BUF_LEN + 1];
#endif

#if LWIP_HTTPD_DYNAMIC_HEADERS
	/* The number of individual strings that comprise the headers sent before each
	* requested file.
	*/
	#define NUM_FILE_HDR_STRINGS 5
	#define HDR_STRINGS_IDX_HTTP_STATUS          0 /* e.g. "HTTP/1.0 200 OK\r\n" */
	#define HDR_STRINGS_IDX_SERVER_NAME          1 /* e.g. "Server: "HTTPD_SERVER_AGENT"\r\n" */
	#define HDR_STRINGS_IDX_CONTENT_LEN_KEPALIVE 2 /* e.g. "Content-Length: xy\r\n" and/or "Connection: keep-alive\r\n" */
	#define HDR_STRINGS_IDX_CONTENT_LEN_NR       3 /* the byte count, when content-length is used */
	#define HDR_STRINGS_IDX_CONTENT_TYPE         4 /* the content type (or default answer content type including default document) */

	/* The dynamically generated Content-Length buffer needs space for CRLF + NULL */
	#define LWIP_HTTPD_MAX_CONTENT_LEN_OFFSET 3
	#ifndef LWIP_HTTPD_MAX_CONTENT_LEN_SIZE
		/* The dynamically generated Content-Length buffer shall be able to work with
		~953 MB (9 digits) */
		#define LWIP_HTTPD_MAX_CONTENT_LEN_SIZE   (9 + LWIP_HTTPD_MAX_CONTENT_LEN_OFFSET)
	#endif
#endif /* LWIP_HTTPD_DYNAMIC_HEADERS */

#if LWIP_HTTPD_SSI

#define HTTPD_LAST_TAG_PART 0xFFFF

enum tag_check_state {
	TAG_NONE,       /* Not processing an SSI tag */
	TAG_LEADIN,     /* Tag lead in "<!--#" being processed */
	TAG_FOUND,      /* Tag name being read, looking for lead-out start */
	TAG_LEADOUT,    /* Tag lead out "-->" being processed */
	TAG_SENDING     /* Sending tag replacement string */
};

struct http_ssi_state {
	const char* parsed;     /* Pointer to the first unparsed byte in buf. */
#if !LWIP_HTTPD_SSI_INCLUDE_TAG
	const char* tag_started;/* Pointer to the first opening '<' of the tag. */
#endif /* !LWIP_HTTPD_SSI_INCLUDE_TAG */
	const char* tag_end;    /* Pointer to char after the closing '>' of the tag. */
	u32_t parse_left; /* Number of unparsed bytes in buf. */
	u16_t tag_index;   /* Counter used by tag parsing state machine */
	u16_t tag_insert_len; /* Length of insert in string tag_insert */
#if LWIP_HTTPD_SSI_MULTIPART
	u16_t tag_part; /* Counter passed to and changed by tag insertion function to insert multiple times */
#endif /* LWIP_HTTPD_SSI_MULTIPART */
	u8_t tag_name_len; /* Length of the tag name in string tag_name */
	char tag_name[LWIP_HTTPD_MAX_TAG_NAME_LEN + 1]; /* Last tag name extracted */
	char tag_insert[LWIP_HTTPD_MAX_TAG_INSERT_LEN + 1]; /* Insert string for tag_name */
	enum tag_check_state tag_state; /* State of the tag processor */
};
#endif /* LWIP_HTTPD_SSI */

struct http_state {
#if LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED
	struct http_state* next;
#endif /* LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED */
	struct fs_file file_handle;
	struct fs_file* handle;
	const char* file;       /* Pointer to first unsent byte in buf. */

	struct tcp_pcb* pcb;
#if LWIP_HTTPD_SUPPORT_REQUESTLIST
	struct pbuf* req;
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */

#if LWIP_HTTPD_DYNAMIC_FILE_READ
	char* buf;        /* File read buffer. */
	int buf_len;      /* Size of file read buffer, buf. */
#endif /* LWIP_HTTPD_DYNAMIC_FILE_READ */
	u32_t left;       /* Number of unsent bytes in buf. */
	u8_t retries;
#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE
	u8_t keepalive;
#endif /* LWIP_HTTPD_SUPPORT_11_KEEPALIVE */
#if LWIP_HTTPD_SSI
	struct http_ssi_state* ssi;
#endif /* LWIP_HTTPD_SSI */
#if LWIP_HTTPD_CGI
	char* params[LWIP_HTTPD_MAX_CGI_PARAMETERS]; /* Params extracted from the request URI */
	char* param_vals[LWIP_HTTPD_MAX_CGI_PARAMETERS]; /* Values for each extracted param */
#endif /* LWIP_HTTPD_CGI */
#if LWIP_HTTPD_DYNAMIC_HEADERS
	const char* hdrs[NUM_FILE_HDR_STRINGS]; /* HTTP headers to be sent. */
	char hdr_content_len[LWIP_HTTPD_MAX_CONTENT_LEN_SIZE];
	u16_t hdr_pos;     /* The position of the first unsent header byte in the
                        current string */
	u16_t hdr_index;   /* The index of the hdr string currently being sent. */
#endif /* LWIP_HTTPD_DYNAMIC_HEADERS */
#if LWIP_HTTPD_TIMING
	u32_t time_started;
#endif /* LWIP_HTTPD_TIMING */
#if LWIP_HTTPD_SUPPORT_POST
	u32_t post_content_len_left;
#if LWIP_HTTPD_POST_MANUAL_WND
	u32_t unrecved_bytes;
	u8_t no_auto_wnd;
	u8_t post_finished;
#endif /* LWIP_HTTPD_POST_MANUAL_WND */
#endif /* LWIP_HTTPD_SUPPORT_POST*/
};

#if HTTPD_USE_MEM_POOL
	LWIP_MEMPOOL_DECLARE(HTTPD_STATE,     MEMP_NUM_PARALLEL_HTTPD_CONNS,     sizeof(struct http_state),     "HTTPD_STATE")
	#if LWIP_HTTPD_SSI
		LWIP_MEMPOOL_DECLARE(HTTPD_SSI_STATE, MEMP_NUM_PARALLEL_HTTPD_SSI_CONNS, sizeof(struct http_ssi_state), "HTTPD_SSI_STATE")
		#define HTTP_FREE_SSI_STATE(x)  LWIP_MEMPOOL_FREE(HTTPD_SSI_STATE, (x))
		#define HTTP_ALLOC_SSI_STATE()  (struct http_ssi_state *)LWIP_MEMPOOL_ALLOC(HTTPD_SSI_STATE)
	#endif /* LWIP_HTTPD_SSI */
	#define HTTP_ALLOC_HTTP_STATE() (struct http_state *)LWIP_MEMPOOL_ALLOC(HTTPD_STATE)
	#define HTTP_FREE_HTTP_STATE(x) LWIP_MEMPOOL_FREE(HTTPD_STATE, (x))
#else /* HTTPD_USE_MEM_POOL */
	#define HTTP_ALLOC_HTTP_STATE() (struct http_state *)mem_malloc(sizeof(struct http_state))
	#define HTTP_FREE_HTTP_STATE(x) mem_free(x)
	#if LWIP_HTTPD_SSI
		#define HTTP_ALLOC_SSI_STATE()  (struct http_ssi_state *)mem_malloc(sizeof(struct http_ssi_state))
		#define HTTP_FREE_SSI_STATE(x)  mem_free(x)
	#endif /* LWIP_HTTPD_SSI */
#endif /* HTTPD_USE_MEM_POOL */

static err_t http_close_conn(struct tcp_pcb* pcb, struct http_state* hs);
static err_t http_close_or_abort_conn(struct tcp_pcb* pcb, struct http_state* hs, u8_t abort_conn);
static err_t http_find_file(struct http_state* hs, const char* uri, int is_09);
static err_t http_init_file(struct http_state* hs, struct fs_file* file, int is_09, const char* uri, u8_t tag_check, char* params);
static err_t http_poll(void* arg, struct tcp_pcb* pcb);
static u8_t http_check_eof(struct tcp_pcb* pcb, struct http_state* hs);
#if LWIP_HTTPD_FS_ASYNC_READ
	static void http_continue(void* connection);
#endif /* LWIP_HTTPD_FS_ASYNC_READ */

#if LWIP_HTTPD_SSI
	/* SSI insert handler function pointer. */
	tSSIHandler g_pfnSSIHandler;
	#if !LWIP_HTTPD_SSI_RAW
		int g_iNumTags;
		const char** g_ppcTags;
	#endif /* !LWIP_HTTPD_SSI_RAW */

	#define LEN_TAG_LEAD_IN 5
	const char* const g_pcTagLeadIn = "<!--#";

	#define LEN_TAG_LEAD_OUT 3
	const char* const g_pcTagLeadOut = "-->";
#endif /* LWIP_HTTPD_SSI */

#if LWIP_HTTPD_CGI
	/* CGI handler information */
	const tCGI* g_pCGIs;
	int g_iNumCGIs;
	int http_cgi_paramcount;
	#define http_cgi_params     hs->params
	#define http_cgi_param_vals hs->param_vals
#elif LWIP_HTTPD_CGI_SSI
	char* http_cgi_params[LWIP_HTTPD_MAX_CGI_PARAMETERS]; /* Params extracted from the request URI */
	char* http_cgi_param_vals[LWIP_HTTPD_MAX_CGI_PARAMETERS]; /* Values for each extracted param */
#endif /* LWIP_HTTPD_CGI */

#if LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED
/** global list of active HTTP connections, use to kill the oldest when
    running out of memory */
static struct http_state* http_connections;

static void
http_add_connection(struct http_state* hs)
{
	/* add the connection to the list */
	hs->next = http_connections;
	http_connections = hs;
}

static void
http_remove_connection(struct http_state* hs)
{
	/* take the connection off the list */
	if(http_connections) {
		if(http_connections == hs) {
			http_connections = hs->next;
		} else {
			struct http_state* last;

			for(last = http_connections; last->next != NULL; last = last->next) {
				if(last->next == hs) {
					last->next = hs->next;
					break;
				}
			}
		}
	}
}

static void
http_kill_oldest_connection(u8_t ssi_required)
{
	struct http_state* hs = http_connections;
	struct http_state* hs_free_next = NULL;

	while(hs && hs->next) {
#if LWIP_HTTPD_SSI

		if(ssi_required) {
			if(hs->next->ssi != NULL) {
				hs_free_next = hs;
			}
		} else
#else /* LWIP_HTTPD_SSI */
		LWIP_UNUSED_ARG(ssi_required);

#endif /* LWIP_HTTPD_SSI */
		{
			hs_free_next = hs;
		}
		LWIP_ASSERT("broken list", hs != hs->next);
		hs = hs->next;
	}

	if(hs_free_next != NULL) {
		LWIP_ASSERT("hs_free_next->next != NULL", hs_free_next->next != NULL);
		LWIP_ASSERT("hs_free_next->next->pcb != NULL", hs_free_next->next->pcb != NULL);
		/* send RST when killing a connection because of memory shortage */
		http_close_or_abort_conn(hs_free_next->next->pcb, hs_free_next->next, 1); /* this also unlinks the http_state from the list */
	}
}
#else /* LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED */

#define http_add_connection(hs)
#define http_remove_connection(hs)

#endif /* LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED */

#if LWIP_HTTPD_SSI
/** Allocate as struct http_ssi_state. */
static struct http_ssi_state*
http_ssi_state_alloc(void)
{
	struct http_ssi_state* ret = HTTP_ALLOC_SSI_STATE();
#if LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED

	if(ret == NULL) {
		http_kill_oldest_connection(1);
		ret = HTTP_ALLOC_SSI_STATE();
	}

#endif /* LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED */

	if(ret != NULL) {
		memset(ret, 0, sizeof(struct http_ssi_state));
	}

	return ret;
}

/** Free a struct http_ssi_state. */
static void
http_ssi_state_free(struct http_ssi_state* ssi)
{
	if(ssi != NULL) {
		HTTP_FREE_SSI_STATE(ssi);
	}
}
#endif /* LWIP_HTTPD_SSI */

/** Initialize a struct http_state.
 */
static void
http_state_init(struct http_state* hs)
{
	/* Initialize the structure. */
	memset(hs, 0, sizeof(struct http_state));
#if LWIP_HTTPD_DYNAMIC_HEADERS
	/* Indicate that the headers are not yet valid */
	hs->hdr_index = NUM_FILE_HDR_STRINGS;
#endif /* LWIP_HTTPD_DYNAMIC_HEADERS */
}

/** Allocate a struct http_state. */
static struct http_state*
http_state_alloc(void)
{
	struct http_state* ret = HTTP_ALLOC_HTTP_STATE();
#if LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED

	if(ret == NULL) {
		http_kill_oldest_connection(0);
		ret = HTTP_ALLOC_HTTP_STATE();
	}

#endif /* LWIP_HTTPD_KILL_OLD_ON_CONNECTIONS_EXCEEDED */

	if(ret != NULL) {
		http_state_init(ret);
		http_add_connection(ret);
	}

	return ret;
}

/** Free a struct http_state.
 * Also frees the file data if dynamic.
 */
static void
http_state_eof(struct http_state* hs)
{
	if(hs->handle) {
#if LWIP_HTTPD_TIMING
		u32_t ms_needed = sys_now() - hs->time_started;
		u32_t needed = LWIP_MAX(1, (ms_needed / 100));
		LWIP_DEBUGF(HTTPD_DEBUG_TIMING, ("httpd: needed %"U32_F" ms to send file of %d bytes -> %"U32_F" bytes/sec\n",
		                                 ms_needed, hs->handle->len, ((((u32_t)hs->handle->len) * 10) / needed)));
#endif /* LWIP_HTTPD_TIMING */
		fs_close(hs->handle);
		hs->handle = NULL;
	}

#if LWIP_HTTPD_DYNAMIC_FILE_READ

	if(hs->buf != NULL) {
		mem_free(hs->buf);
		hs->buf = NULL;
	}

#endif /* LWIP_HTTPD_DYNAMIC_FILE_READ */
#if LWIP_HTTPD_SSI

	if(hs->ssi) {
		http_ssi_state_free(hs->ssi);
		hs->ssi = NULL;
	}

#endif /* LWIP_HTTPD_SSI */
#if LWIP_HTTPD_SUPPORT_REQUESTLIST

	if(hs->req) {
		pbuf_free(hs->req);
		hs->req = NULL;
	}

#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
}

/** Free a struct http_state.
 * Also frees the file data if dynamic.
 */
static void
http_state_free(struct http_state* hs)
{
	if(hs != NULL) {
		http_state_eof(hs);
		http_remove_connection(hs);
		HTTP_FREE_HTTP_STATE(hs);
	}
}

/** Call tcp_write() in a loop trying smaller and smaller length
 *
 * @param pcb tcp_pcb to send
 * @param ptr Data to send
 * @param length Length of data to send (in/out: on return, contains the
 *        amount of data sent)
 * @param apiflags directly passed to tcp_write
 * @return the return value of tcp_write
 */
static err_t
http_write(struct tcp_pcb* pcb, const void* ptr, u16_t* length, u8_t apiflags)
{
	u16_t len, max_len;
	err_t err;
	LWIP_ASSERT("length != NULL", length != NULL);
	len = *length;

	if(len == 0) {
		return ERR_OK;
	}

	/* We cannot send more data than space available in the send buffer. */
	max_len = tcp_sndbuf(pcb);

	if(max_len < len) {
		len = max_len;
	}

#ifdef HTTPD_MAX_WRITE_LEN
	/* Additional limitation: e.g. don't enqueue more than 2*mss at once */
	max_len = HTTPD_MAX_WRITE_LEN(pcb);

	if(len > max_len) {
		len = max_len;
	}

#endif /* HTTPD_MAX_WRITE_LEN */

	do {
		LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Trying go send %d bytes\n", len));
		err = tcp_write(pcb, ptr, len, apiflags);

		if(err == ERR_MEM) {
			if((tcp_sndbuf(pcb) == 0) ||
			        (tcp_sndqueuelen(pcb) >= TCP_SND_QUEUELEN)) {
				/* no need to try smaller sizes */
				len = 1;
			} else {
				len /= 2;
			}

			LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE,
			            ("Send failed, trying less (%d bytes)\n", len));
		}
	} while((err == ERR_MEM) && (len > 1));

	if(err == ERR_OK) {
		LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Sent %d bytes\n", len));
		*length = len;
	} else {
		LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Send failed with err %d (\"%s\")\n", err, lwip_strerr(err)));
		*length = 0;
	}

#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE
	/* ensure nagle is normally enabled (only disabled for persistent connections
	   when all data has been enqueued but the connection stays open for the next
	   request */
	tcp_nagle_enable(pcb);
#endif

	return err;
}

/**
 * The connection shall be actively closed (using RST to close from fault states).
 * Reset the sent- and recv-callbacks.
 *
 * @param pcb the tcp pcb to reset callbacks
 * @param hs connection state to free
 */
static err_t
http_close_or_abort_conn(struct tcp_pcb* pcb, struct http_state* hs, u8_t abort_conn)
{
	err_t err;
	LWIP_DEBUGF(HTTPD_DEBUG, ("Closing connection %p\n", (void*)pcb));

#if LWIP_HTTPD_SUPPORT_POST

	if(hs != NULL) {
		if((hs->post_content_len_left != 0)
#if LWIP_HTTPD_POST_MANUAL_WND
		        || ((hs->no_auto_wnd != 0) && (hs->unrecved_bytes != 0))
#endif /* LWIP_HTTPD_POST_MANUAL_WND */
		  ) {
			/* make sure the post code knows that the connection is closed */
			http_uri_buf[0] = 0;
			httpd_post_finished(hs, http_uri_buf, LWIP_HTTPD_URI_BUF_LEN);
		}
	}

#endif /* LWIP_HTTPD_SUPPORT_POST*/


	tcp_arg(pcb, NULL);
	tcp_recv(pcb, NULL);
	tcp_err(pcb, NULL);
	tcp_poll(pcb, NULL, 0);
	tcp_sent(pcb, NULL);

	if(hs != NULL) {
		http_state_free(hs);
	}

	if(abort_conn) {
		tcp_abort(pcb);
		return ERR_OK;
	}

	err = tcp_close(pcb);

	if(err != ERR_OK) {
		LWIP_DEBUGF(HTTPD_DEBUG, ("Error %d closing %p\n", err, (void*)pcb));
		/* error closing, try again later in poll */
		tcp_poll(pcb, http_poll, HTTPD_POLL_INTERVAL);
	}

	return err;
}

/**
 * The connection shall be actively closed.
 * Reset the sent- and recv-callbacks.
 *
 * @param pcb the tcp pcb to reset callbacks
 * @param hs connection state to free
 */
static err_t
http_close_conn(struct tcp_pcb* pcb, struct http_state* hs)
{
	return http_close_or_abort_conn(pcb, hs, 0);
}

/** End of file: either close the connection (Connection: close) or
 * close the file (Connection: keep-alive)
 */
static void
http_eof(struct tcp_pcb* pcb, struct http_state* hs)
{
	/* HTTP/1.1 persistent connection? (Not supported for SSI) */
#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE
	if(hs->keepalive) {
		http_remove_connection(hs);

		http_state_eof(hs);
		http_state_init(hs);
		/* restore state: */
		hs->pcb = pcb;
		hs->keepalive = 1;
		http_add_connection(hs);
		/* ensure nagle doesn't interfere with sending all data as fast as possible: */
		tcp_nagle_disable(pcb);
	} else
#endif /* LWIP_HTTPD_SUPPORT_11_KEEPALIVE */
	{
		http_close_conn(pcb, hs);
	}
}

#if LWIP_HTTPD_CGI || LWIP_HTTPD_CGI_SSI
/**
 * Extract URI parameters from the parameter-part of an URI in the form
 * "test.cgi?x=y" @todo: better explanation!
 * Pointers to the parameters are stored in hs->param_vals.
 *
 * @param hs http connection state
 * @param params pointer to the NULL-terminated parameter string from the URI
 * @return number of parameters extracted
 */
static int
extract_uri_parameters(struct http_state* hs, char* params)
{
	char* pair;
	char* equals;
	int loop;

	LWIP_UNUSED_ARG(hs);

	/* If we have no parameters at all, return immediately. */
	if(!params || (params[0] == '\0')) {
		return(0);
	}

	/* Get a pointer to our first parameter */
	pair = params;

	/* Parse up to LWIP_HTTPD_MAX_CGI_PARAMETERS from the passed string and ignore the
	 * remainder (if any) */
	for(loop = 0; (loop < LWIP_HTTPD_MAX_CGI_PARAMETERS) && pair; loop++) {

		/* Save the name of the parameter */
		http_cgi_params[loop] = pair;

		/* Remember the start of this name=value pair */
		equals = pair;

		/* Find the start of the next name=value pair and replace the delimiter
		 * with a 0 to terminate the previous pair string. */
		pair = strchr(pair, '&');

		if(pair) {
			*pair = '\0';
			pair++;
		} else {
			/* We didn't find a new parameter so find the end of the URI and
			 * replace the space with a '\0' */
			pair = strchr(equals, ' ');

			if(pair) {
				*pair = '\0';
			}

			/* Revert to NULL so that we exit the loop as expected. */
			pair = NULL;
		}

		/* Now find the '=' in the previous pair, replace it with '\0' and save
		 * the parameter value string. */
		equals = strchr(equals, '=');

		if(equals) {
			*equals = '\0';
			http_cgi_param_vals[loop] = equals + 1;
		} else {
			http_cgi_param_vals[loop] = NULL;
		}
	}

	return loop;
}
#endif /* LWIP_HTTPD_CGI || LWIP_HTTPD_CGI_SSI */

#if LWIP_HTTPD_SSI
/**
 * Insert a tag (found in an shtml in the form of "<!--#tagname-->" into the file.
 * The tag's name is stored in ssi->tag_name (NULL-terminated), the replacement
 * should be written to hs->tag_insert (up to a length of LWIP_HTTPD_MAX_TAG_INSERT_LEN).
 * The amount of data written is stored to ssi->tag_insert_len.
 *
 * @todo: return tag_insert_len - maybe it can be removed from struct http_state?
 *
 * @param hs http connection state
 */
static void
get_tag_insert(struct http_state* hs)
{
#if LWIP_HTTPD_SSI_RAW
	const char* tag;
#else /* LWIP_HTTPD_SSI_RAW */
	int tag;
#endif /* LWIP_HTTPD_SSI_RAW */
	size_t len;
	struct http_ssi_state* ssi;
#if LWIP_HTTPD_SSI_MULTIPART
	u16_t current_tag_part;
#endif /* LWIP_HTTPD_SSI_MULTIPART */

	LWIP_ASSERT("hs != NULL", hs != NULL);
	ssi = hs->ssi;
	LWIP_ASSERT("ssi != NULL", ssi != NULL);
#if LWIP_HTTPD_SSI_MULTIPART
	current_tag_part = ssi->tag_part;
	ssi->tag_part = HTTPD_LAST_TAG_PART;
#endif /* LWIP_HTTPD_SSI_MULTIPART */
#if LWIP_HTTPD_SSI_RAW
	tag = ssi->tag_name;
#endif

	if(g_pfnSSIHandler
#if !LWIP_HTTPD_SSI_RAW
	        && g_ppcTags && g_iNumTags
#endif /* !LWIP_HTTPD_SSI_RAW */
	  ) {

		/* Find this tag in the list we have been provided. */
#if LWIP_HTTPD_SSI_RAW
		{
#else /* LWIP_HTTPD_SSI_RAW */

		for(tag = 0; tag < g_iNumTags; tag++) {
			if(strcmp(ssi->tag_name, g_ppcTags[tag]) == 0)
#endif /* LWIP_HTTPD_SSI_RAW */
			{
				ssi->tag_insert_len = g_pfnSSIHandler(tag, ssi->tag_insert,
				                                      LWIP_HTTPD_MAX_TAG_INSERT_LEN
#if LWIP_HTTPD_SSI_MULTIPART
				                                      , current_tag_part, &ssi->tag_part
#endif /* LWIP_HTTPD_SSI_MULTIPART */
#if LWIP_HTTPD_FILE_STATE
				                                      , (hs->handle ? hs->handle->state : NULL)
#endif /* LWIP_HTTPD_FILE_STATE */
				                                     );
#if LWIP_HTTPD_SSI_RAW

				if(ssi->tag_insert_len != HTTPD_SSI_TAG_UNKNOWN)
#endif /* LWIP_HTTPD_SSI_RAW */
				{
					return;
				}
			}
		}
	}

	/* If we drop out, we were asked to serve a page which contains tags that
	 * we don't have a handler for. Merely echo back the tags with an error
	 * marker. */
#define UNKNOWN_TAG1_TEXT "<b>***UNKNOWN TAG "
#define UNKNOWN_TAG1_LEN  18
#define UNKNOWN_TAG2_TEXT "***</b>"
#define UNKNOWN_TAG2_LEN  7
	len = LWIP_MIN(sizeof(ssi->tag_name), LWIP_MIN(strlen(ssi->tag_name),
	               LWIP_HTTPD_MAX_TAG_INSERT_LEN - (UNKNOWN_TAG1_LEN + UNKNOWN_TAG2_LEN)));
	MEMCPY(ssi->tag_insert, UNKNOWN_TAG1_TEXT, UNKNOWN_TAG1_LEN);
	MEMCPY(&ssi->tag_insert[UNKNOWN_TAG1_LEN], ssi->tag_name, len);
	MEMCPY(&ssi->tag_insert[UNKNOWN_TAG1_LEN + len], UNKNOWN_TAG2_TEXT, UNKNOWN_TAG2_LEN);
	ssi->tag_insert[UNKNOWN_TAG1_LEN + len + UNKNOWN_TAG2_LEN] = 0;

	len = strlen(ssi->tag_insert);
	LWIP_ASSERT("len <= 0xffff", len <= 0xffff);
	ssi->tag_insert_len = (u16_t)len;
}

#endif /* LWIP_HTTPD_SSI */

#if LWIP_HTTPD_DYNAMIC_HEADERS
/**
 * Generate the relevant HTTP headers for the given filename and write
 * them into the supplied buffer.
 */
static void
get_http_headers(struct http_state* hs, const char* uri)
{
	size_t content_type;
	char* tmp;
	char* ext;
	char* vars;
	u8_t add_content_len;

	/* In all cases, the second header we send is the server identification
	   so set it here. */
	hs->hdrs[HDR_STRINGS_IDX_SERVER_NAME] = g_psHTTPHeaderStrings[HTTP_HDR_SERVER];
	hs->hdrs[HDR_STRINGS_IDX_CONTENT_LEN_KEPALIVE] = NULL;
	hs->hdrs[HDR_STRINGS_IDX_CONTENT_LEN_NR] = NULL;

	/* Is this a normal file or the special case we use to send back the
	   default "404: Page not found" response? */
	if(uri == NULL) {
		hs->hdrs[HDR_STRINGS_IDX_HTTP_STATUS] = g_psHTTPHeaderStrings[HTTP_HDR_NOT_FOUND];
#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE

		if(hs->keepalive) {
			hs->hdrs[HDR_STRINGS_IDX_CONTENT_TYPE] = g_psHTTPHeaderStrings[DEFAULT_404_HTML_PERSISTENT];
		} else
#endif
		{
			hs->hdrs[HDR_STRINGS_IDX_CONTENT_TYPE] = g_psHTTPHeaderStrings[DEFAULT_404_HTML];
		}

		/* Set up to send the first header string. */
		hs->hdr_index = 0;
		hs->hdr_pos = 0;
		return;
	}

	/* We are dealing with a particular filename. Look for one other
	    special case.  We assume that any filename with "404" in it must be
	    indicative of a 404 server error whereas all other files require
	    the 200 OK header. */
	if(strstr(uri, "404")) {
		hs->hdrs[HDR_STRINGS_IDX_HTTP_STATUS] = g_psHTTPHeaderStrings[HTTP_HDR_NOT_FOUND];
	} else if(strstr(uri, "400")) {
		hs->hdrs[HDR_STRINGS_IDX_HTTP_STATUS] = g_psHTTPHeaderStrings[HTTP_HDR_BAD_REQUEST];
	} else if(strstr(uri, "501")) {
		hs->hdrs[HDR_STRINGS_IDX_HTTP_STATUS] = g_psHTTPHeaderStrings[HTTP_HDR_NOT_IMPL];
	} else {
		hs->hdrs[HDR_STRINGS_IDX_HTTP_STATUS] = g_psHTTPHeaderStrings[HTTP_HDR_OK];
	}

	/* Determine if the URI has any variables and, if so, temporarily remove
	    them. */
	vars = strchr(uri, '?');

	if(vars) {
		*vars = '\0';
	}

	/* Get a pointer to the file extension.  We find this by looking for the
	    last occurrence of "." in the filename passed. */
	ext = NULL;
	tmp = strchr(uri, '.');

	while(tmp) {
		ext = tmp + 1;
		tmp = strchr(ext, '.');
	}

	if(ext != NULL) {
		/* Now determine the content type and add the relevant header for that. */
		for(content_type = 0; content_type < NUM_HTTP_HEADERS; content_type++) {
			/* Have we found a matching extension? */
			if(!lwip_stricmp(g_psHTTPHeaders[content_type].extension, ext)) {
				break;
			}
		}
	} else {
		content_type = NUM_HTTP_HEADERS;
	}

	/* Reinstate the parameter marker if there was one in the original URI. */
	if(vars) {
		*vars = '?';
	}

#if LWIP_HTTPD_OMIT_HEADER_FOR_EXTENSIONLESS_URI

	/* Does the URL passed have any file extension?  If not, we assume it
	   is a special-case URL used for control state notification and we do
	   not send any HTTP headers with the response. */
	if(!ext) {
		/* Force the header index to a value indicating that all headers
		   have already been sent. */
		hs->hdr_index = NUM_FILE_HDR_STRINGS;
		return;
	}

#endif /* LWIP_HTTPD_OMIT_HEADER_FOR_EXTENSIONLESS_URI */
	add_content_len = 1;

	/* Did we find a matching extension? */
	if(content_type < NUM_HTTP_HEADERS) {
		/* yes, store it */
		hs->hdrs[HDR_STRINGS_IDX_CONTENT_TYPE] = g_psHTTPHeaders[content_type].content_type;
	} else if(!ext) {
		/* no, no extension found -> use binary transfer to prevent the browser adding '.txt' on save */
		hs->hdrs[HDR_STRINGS_IDX_CONTENT_TYPE] = HTTP_HDR_APP;
	} else {
		/* No - use the default, plain text file type. */
		hs->hdrs[HDR_STRINGS_IDX_CONTENT_TYPE] = HTTP_HDR_DEFAULT_TYPE;
	}

	/* Add content-length header? */
#if LWIP_HTTPD_SSI

	if(hs->ssi != NULL) {
		add_content_len = 0; /* @todo: get maximum file length from SSI */
	} else
#endif /* LWIP_HTTPD_SSI */
		if((hs->handle == NULL) ||
		        ((hs->handle->flags & (FS_FILE_FLAGS_HEADER_INCLUDED | FS_FILE_FLAGS_HEADER_PERSISTENT)) == FS_FILE_FLAGS_HEADER_INCLUDED)) {
			add_content_len = 0;
		}

	if(add_content_len) {
		size_t len;
		lwip_itoa(hs->hdr_content_len, (size_t)LWIP_HTTPD_MAX_CONTENT_LEN_SIZE,
		          hs->handle->len);
		len = strlen(hs->hdr_content_len);

		if(len <= LWIP_HTTPD_MAX_CONTENT_LEN_SIZE - LWIP_HTTPD_MAX_CONTENT_LEN_OFFSET) {
			SMEMCPY(&hs->hdr_content_len[len], CRLF "\0", 3);
			hs->hdrs[HDR_STRINGS_IDX_CONTENT_LEN_NR] = hs->hdr_content_len;
		} else {
			add_content_len = 0;
		}
	}

#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE

	if(add_content_len) {
		hs->hdrs[HDR_STRINGS_IDX_CONTENT_LEN_KEPALIVE] = g_psHTTPHeaderStrings[HTTP_HDR_KEEPALIVE_LEN];
	} else {
		hs->hdrs[HDR_STRINGS_IDX_CONTENT_LEN_KEPALIVE] = g_psHTTPHeaderStrings[HTTP_HDR_CONN_CLOSE];
	}

#else /* LWIP_HTTPD_SUPPORT_11_KEEPALIVE */

	if(add_content_len) {
		hs->hdrs[HDR_STRINGS_IDX_CONTENT_LEN_KEPALIVE] = g_psHTTPHeaderStrings[HTTP_HDR_CONTENT_LENGTH];
	}

#endif /* LWIP_HTTPD_SUPPORT_11_KEEPALIVE */

	/* Set up to send the first header string. */
	hs->hdr_index = 0;
	hs->hdr_pos = 0;
}

/** Sub-function of http_send(): send dynamic headers
 *
 * @returns: - HTTP_NO_DATA_TO_SEND: no new data has been enqueued
 *           - HTTP_DATA_TO_SEND_CONTINUE: continue with sending HTTP body
 *           - HTTP_DATA_TO_SEND_BREAK: data has been enqueued, headers pending,
 *                                      so don't send HTTP body yet
 */
static u8_t
http_send_headers(struct tcp_pcb* pcb, struct http_state* hs)
{
	err_t err;
	u16_t len;
	u8_t data_to_send = HTTP_NO_DATA_TO_SEND;
	u16_t hdrlen, sendlen;

	/* How much data can we send? */
	len = tcp_sndbuf(pcb);
	sendlen = len;

	while(len && (hs->hdr_index < NUM_FILE_HDR_STRINGS) && sendlen) {
		const void* ptr;
		u16_t old_sendlen;
		u8_t apiflags;
		/* How much do we have to send from the current header? */
		hdrlen = (u16_t)strlen(hs->hdrs[hs->hdr_index]);

		/* How much of this can we send? */
		sendlen = (len < (hdrlen - hs->hdr_pos)) ? len : (hdrlen - hs->hdr_pos);

		/* Send this amount of data or as much as we can given memory
		 * constraints. */
		ptr = (const void*)(hs->hdrs[hs->hdr_index] + hs->hdr_pos);
		old_sendlen = sendlen;
		apiflags = HTTP_IS_HDR_VOLATILE(hs, ptr);

		if(hs->hdr_index == HDR_STRINGS_IDX_CONTENT_LEN_NR) {
			/* content-length is always volatile */
			apiflags |= TCP_WRITE_FLAG_COPY;
		}

		if(hs->hdr_index < NUM_FILE_HDR_STRINGS - 1) {
			apiflags |= TCP_WRITE_FLAG_MORE;
		}

		err = http_write(pcb, ptr, &sendlen, apiflags);

		if((err == ERR_OK) && (old_sendlen != sendlen)) {
			/* Remember that we added some more data to be transmitted. */
			data_to_send = HTTP_DATA_TO_SEND_CONTINUE;
		} else if(err != ERR_OK) {
			/* special case: http_write does not try to send 1 byte */
			sendlen = 0;
		}

		/* Fix up the header position for the next time round. */
		hs->hdr_pos += sendlen;
		len -= sendlen;

		/* Have we finished sending this string? */
		if(hs->hdr_pos == hdrlen) {
			/* Yes - move on to the next one */
			hs->hdr_index++;

			/* skip headers that are NULL (not all headers are required) */
			while((hs->hdr_index < NUM_FILE_HDR_STRINGS) &&
			        (hs->hdrs[hs->hdr_index] == NULL)) {
				hs->hdr_index++;
			}

			hs->hdr_pos = 0;
		}
	}

	if((hs->hdr_index >= NUM_FILE_HDR_STRINGS) && (hs->file == NULL)) {
		/* When we are at the end of the headers, check for data to send
		 * instead of waiting for ACK from remote side to continue
		 * (which would happen when sending files from async read). */
		if(http_check_eof(pcb, hs)) {
			data_to_send = HTTP_DATA_TO_SEND_CONTINUE;
		}
	}

	/* If we get here and there are still header bytes to send, we send
	 * the header information we just wrote immediately. If there are no
	 * more headers to send, but we do have file data to send, drop through
	 * to try to send some file data too. */
	if((hs->hdr_index < NUM_FILE_HDR_STRINGS) || !hs->file) {
		LWIP_DEBUGF(HTTPD_DEBUG, ("tcp_output\n"));
		return HTTP_DATA_TO_SEND_BREAK;
	}

	return data_to_send;
}
#endif /* LWIP_HTTPD_DYNAMIC_HEADERS */

/** Sub-function of http_send(): end-of-file (or block) is reached,
 * either close the file or read the next block (if supported).
 *
 * @returns: 0 if the file is finished or no data has been read
 *           1 if the file is not finished and data has been read
 */
static u8_t
http_check_eof(struct tcp_pcb* pcb, struct http_state* hs)
{
	int bytes_left;
#if LWIP_HTTPD_DYNAMIC_FILE_READ
	int count;
#ifdef HTTPD_MAX_WRITE_LEN
	int max_write_len;
#endif /* HTTPD_MAX_WRITE_LEN */
#endif /* LWIP_HTTPD_DYNAMIC_FILE_READ */

	/* Do we have a valid file handle? */
	if(hs->handle == NULL) {
		/* No - close the connection. */
		http_eof(pcb, hs);
		return 0;
	}

	bytes_left = fs_bytes_left(hs->handle);

	if(bytes_left <= 0) {
		/* We reached the end of the file so this request is done. */
		LWIP_DEBUGF(HTTPD_DEBUG, ("End of file.\n"));
		http_eof(pcb, hs);
		return 0;
	}

#if LWIP_HTTPD_DYNAMIC_FILE_READ

	/* Do we already have a send buffer allocated? */
	if(hs->buf) {
		/* Yes - get the length of the buffer */
		count = LWIP_MIN(hs->buf_len, bytes_left);
	} else {
		/* We don't have a send buffer so allocate one now */
		count = tcp_sndbuf(pcb);

		if(bytes_left < count) {
			count = bytes_left;
		}

#ifdef HTTPD_MAX_WRITE_LEN
		/* Additional limitation: e.g. don't enqueue more than 2*mss at once */
		max_write_len = HTTPD_MAX_WRITE_LEN(pcb);

		if(count > max_write_len) {
			count = max_write_len;
		}

#endif /* HTTPD_MAX_WRITE_LEN */

		do {
			hs->buf = (char*)mem_malloc((mem_size_t)count);

			if(hs->buf != NULL) {
				hs->buf_len = count;
				break;
			}

			count = count / 2;
		} while(count > 100);

		/* Did we get a send buffer? If not, return immediately. */
		if(hs->buf == NULL) {
			LWIP_DEBUGF(HTTPD_DEBUG, ("No buff\n"));
			return 0;
		}
	}

	/* Read a block of data from the file. */
	LWIP_DEBUGF(HTTPD_DEBUG, ("Trying to read %d bytes.\n", count));

#if LWIP_HTTPD_FS_ASYNC_READ
	count = fs_read_async(hs->handle, hs->buf, count, http_continue, hs);
#else /* LWIP_HTTPD_FS_ASYNC_READ */
	count = fs_read(hs->handle, hs->buf, count);
#endif /* LWIP_HTTPD_FS_ASYNC_READ */

	if(count < 0) {
		if(count == FS_READ_DELAYED) {
			/* Delayed read, wait for FS to unblock us */
			return 0;
		}

		/* We reached the end of the file so this request is done.
		 * @todo: close here for HTTP/1.1 when reading file fails */
		LWIP_DEBUGF(HTTPD_DEBUG, ("End of file.\n"));
		http_eof(pcb, hs);
		return 0;
	}

	/* Set up to send the block of data we just read */
	LWIP_DEBUGF(HTTPD_DEBUG, ("Read %d bytes.\n", count));
	hs->left = count;
	hs->file = hs->buf;
#if LWIP_HTTPD_SSI

	if(hs->ssi) {
		hs->ssi->parse_left = count;
		hs->ssi->parsed = hs->buf;
	}

#endif /* LWIP_HTTPD_SSI */
#else /* LWIP_HTTPD_DYNAMIC_FILE_READ */
	LWIP_ASSERT("SSI and DYNAMIC_HEADERS turned off but eof not reached", 0);
#endif /* LWIP_HTTPD_SSI || LWIP_HTTPD_DYNAMIC_HEADERS */
	return 1;
}

/** Sub-function of http_send(): This is the normal send-routine for non-ssi files
 *
 * @returns: - 1: data has been written (so call tcp_ouput)
 *           - 0: no data has been written (no need to call tcp_output)
 */
static u8_t
http_send_data_nonssi(struct tcp_pcb* pcb, struct http_state* hs)
{
	err_t err;
	u16_t len;
	u8_t data_to_send = 0;

	/* We are not processing an SHTML file so no tag checking is necessary.
	 * Just send the data as we received it from the file. */
	len = (u16_t)LWIP_MIN(hs->left, 0xffff);

	err = http_write(pcb, hs->file, &len, HTTP_IS_DATA_VOLATILE(hs));

	if(err == ERR_OK) {
		data_to_send = 1;
		hs->file += len;
		hs->left -= len;
	}

	return data_to_send;
}

#if LWIP_HTTPD_SSI
/** Sub-function of http_send(): This is the send-routine for ssi files
 *
 * @returns: - 1: data has been written (so call tcp_ouput)
 *           - 0: no data has been written (no need to call tcp_output)
 */
static u8_t
http_send_data_ssi(struct tcp_pcb* pcb, struct http_state* hs)
{
	err_t err = ERR_OK;
	u16_t len;
	u8_t data_to_send = 0;

	struct http_ssi_state* ssi = hs->ssi;
	LWIP_ASSERT("ssi != NULL", ssi != NULL);
	/* We are processing an SHTML file so need to scan for tags and replace
	 * them with insert strings. We need to be careful here since a tag may
	 * straddle the boundary of two blocks read from the file and we may also
	 * have to split the insert string between two tcp_write operations. */

	/* How much data could we send? */
	len = tcp_sndbuf(pcb);

	/* Do we have remaining data to send before parsing more? */
	if(ssi->parsed > hs->file) {
		len = (u16_t)LWIP_MIN(ssi->parsed - hs->file, 0xffff);

		err = http_write(pcb, hs->file, &len, HTTP_IS_DATA_VOLATILE(hs));

		if(err == ERR_OK) {
			data_to_send = 1;
			hs->file += len;
			hs->left -= len;
		}

		/* If the send buffer is full, return now. */
		if(tcp_sndbuf(pcb) == 0) {
			return data_to_send;
		}
	}

	LWIP_DEBUGF(HTTPD_DEBUG, ("State %d, %d left\n", ssi->tag_state, (int)ssi->parse_left));

	/* We have sent all the data that was already parsed so continue parsing
	 * the buffer contents looking for SSI tags. */
	while((ssi->parse_left) && (err == ERR_OK)) {
		if(len == 0) {
			return data_to_send;
		}

		switch(ssi->tag_state) {
			case TAG_NONE:

				/* We are not currently processing an SSI tag so scan for the
				 * start of the lead-in marker. */
				if(*ssi->parsed == g_pcTagLeadIn[0]) {
					/* We found what could be the lead-in for a new tag so change
					 * state appropriately. */
					ssi->tag_state = TAG_LEADIN;
					ssi->tag_index = 1;
#if !LWIP_HTTPD_SSI_INCLUDE_TAG
					ssi->tag_started = ssi->parsed;
#endif /* !LWIP_HTTPD_SSI_INCLUDE_TAG */
				}

				/* Move on to the next character in the buffer */
				ssi->parse_left--;
				ssi->parsed++;
				break;

			case TAG_LEADIN:

				/* We are processing the lead-in marker, looking for the start of
				 * the tag name. */

				/* Have we reached the end of the leadin? */
				if(ssi->tag_index == LEN_TAG_LEAD_IN) {
					ssi->tag_index = 0;
					ssi->tag_state = TAG_FOUND;
				} else {
					/* Have we found the next character we expect for the tag leadin? */
					if(*ssi->parsed == g_pcTagLeadIn[ssi->tag_index]) {
						/* Yes - move to the next one unless we have found the complete
						 * leadin, in which case we start looking for the tag itself */
						ssi->tag_index++;
					} else {
						/* We found an unexpected character so this is not a tag. Move
						 * back to idle state. */
						ssi->tag_state = TAG_NONE;
					}

					/* Move on to the next character in the buffer */
					ssi->parse_left--;
					ssi->parsed++;
				}

				break;

			case TAG_FOUND:

				/* We are reading the tag name, looking for the start of the
				 * lead-out marker and removing any whitespace found. */

				/* Remove leading whitespace between the tag leading and the first
				 * tag name character. */
				if((ssi->tag_index == 0) && ((*ssi->parsed == ' ') ||
				                             (*ssi->parsed == '\t') || (*ssi->parsed == '\n') ||
				                             (*ssi->parsed == '\r'))) {
					/* Move on to the next character in the buffer */
					ssi->parse_left--;
					ssi->parsed++;
					break;
				}

				/* Have we found the end of the tag name? This is signalled by
				 * us finding the first leadout character or whitespace */
				if((*ssi->parsed == g_pcTagLeadOut[0]) ||
				        (*ssi->parsed == ' ')  || (*ssi->parsed == '\t') ||
				        (*ssi->parsed == '\n') || (*ssi->parsed == '\r')) {

					if(ssi->tag_index == 0) {
						/* We read a zero length tag so ignore it. */
						ssi->tag_state = TAG_NONE;
					} else {
						/* We read a non-empty tag so go ahead and look for the
						 * leadout string. */
						ssi->tag_state = TAG_LEADOUT;
						LWIP_ASSERT("ssi->tag_index <= 0xff", ssi->tag_index <= 0xff);
						ssi->tag_name_len = (u8_t)ssi->tag_index;
						ssi->tag_name[ssi->tag_index] = '\0';

						if(*ssi->parsed == g_pcTagLeadOut[0]) {
							ssi->tag_index = 1;
						} else {
							ssi->tag_index = 0;
						}
					}
				} else {
					/* This character is part of the tag name so save it */
					if(ssi->tag_index < LWIP_HTTPD_MAX_TAG_NAME_LEN) {
						ssi->tag_name[ssi->tag_index++] = *ssi->parsed;
					} else {
						/* The tag was too long so ignore it. */
						ssi->tag_state = TAG_NONE;
					}
				}

				/* Move on to the next character in the buffer */
				ssi->parse_left--;
				ssi->parsed++;

				break;

			/* We are looking for the end of the lead-out marker. */
			case TAG_LEADOUT:

				/* Remove leading whitespace between the tag leading and the first
				 * tag leadout character. */
				if((ssi->tag_index == 0) && ((*ssi->parsed == ' ') ||
				                             (*ssi->parsed == '\t') || (*ssi->parsed == '\n') ||
				                             (*ssi->parsed == '\r'))) {
					/* Move on to the next character in the buffer */
					ssi->parse_left--;
					ssi->parsed++;
					break;
				}

				/* Have we found the next character we expect for the tag leadout? */
				if(*ssi->parsed == g_pcTagLeadOut[ssi->tag_index]) {
					/* Yes - move to the next one unless we have found the complete
					 * leadout, in which case we need to call the client to process
					 * the tag. */

					/* Move on to the next character in the buffer */
					ssi->parse_left--;
					ssi->parsed++;

					if(ssi->tag_index == (LEN_TAG_LEAD_OUT - 1)) {
						/* Call the client to ask for the insert string for the
						 * tag we just found. */
#if LWIP_HTTPD_SSI_MULTIPART
						ssi->tag_part = 0; /* start with tag part 0 */
#endif /* LWIP_HTTPD_SSI_MULTIPART */
						get_tag_insert(hs);

						/* Next time through, we are going to be sending data
						 * immediately, either the end of the block we start
						 * sending here or the insert string. */
						ssi->tag_index = 0;
						ssi->tag_state = TAG_SENDING;
						ssi->tag_end = ssi->parsed;
#if !LWIP_HTTPD_SSI_INCLUDE_TAG
						ssi->parsed = ssi->tag_started;
#endif /* !LWIP_HTTPD_SSI_INCLUDE_TAG*/

						/* If there is any unsent data in the buffer prior to the
						 * tag, we need to send it now. */
						if(ssi->tag_end > hs->file) {
							/* How much of the data can we send? */
#if LWIP_HTTPD_SSI_INCLUDE_TAG
							len = (u16_t)LWIP_MIN(ssi->tag_end - hs->file, 0xffff);
#else /* LWIP_HTTPD_SSI_INCLUDE_TAG*/
							/* we would include the tag in sending */
							len = (u16_t)LWIP_MIN(ssi->tag_started - hs->file, 0xffff);
#endif /* LWIP_HTTPD_SSI_INCLUDE_TAG*/

							err = http_write(pcb, hs->file, &len, HTTP_IS_DATA_VOLATILE(hs));

							if(err == ERR_OK) {
								data_to_send = 1;
#if !LWIP_HTTPD_SSI_INCLUDE_TAG

								if(ssi->tag_started <= hs->file) {
									/* pretend to have sent the tag, too */
									len += ssi->tag_end - ssi->tag_started;
								}

#endif /* !LWIP_HTTPD_SSI_INCLUDE_TAG*/
								hs->file += len;
								hs->left -= len;
							}
						}
					} else {
						ssi->tag_index++;
					}
				} else {
					/* We found an unexpected character so this is not a tag. Move
					 * back to idle state. */
					ssi->parse_left--;
					ssi->parsed++;
					ssi->tag_state = TAG_NONE;
				}

				break;

			/*
			 * We have found a valid tag and are in the process of sending
			 * data as a result of that discovery. We send either remaining data
			 * from the file prior to the insert point or the insert string itself.
			 */
			case TAG_SENDING:

				/* Do we have any remaining file data to send from the buffer prior
				 * to the tag? */
				if(ssi->tag_end > hs->file) {
					/* How much of the data can we send? */
#if LWIP_HTTPD_SSI_INCLUDE_TAG
					len = (u16_t)LWIP_MIN(ssi->tag_end - hs->file, 0xffff);
#else /* LWIP_HTTPD_SSI_INCLUDE_TAG*/
					LWIP_ASSERT("hs->started >= hs->file", ssi->tag_started >= hs->file);
					/* we would include the tag in sending */
					len = (u16_t)LWIP_MIN(ssi->tag_started - hs->file, 0xffff);
#endif /* LWIP_HTTPD_SSI_INCLUDE_TAG*/

					if(len != 0) {
						err = http_write(pcb, hs->file, &len, HTTP_IS_DATA_VOLATILE(hs));
					} else {
						err = ERR_OK;
					}

					if(err == ERR_OK) {
						data_to_send = 1;
#if !LWIP_HTTPD_SSI_INCLUDE_TAG

						if(ssi->tag_started <= hs->file) {
							/* pretend to have sent the tag, too */
							len += ssi->tag_end - ssi->tag_started;
						}

#endif /* !LWIP_HTTPD_SSI_INCLUDE_TAG*/
						hs->file += len;
						hs->left -= len;
					}
				} else {
#if LWIP_HTTPD_SSI_MULTIPART

					if(ssi->tag_index >= ssi->tag_insert_len) {
						/* Did the last SSIHandler have more to send? */
						if(ssi->tag_part != HTTPD_LAST_TAG_PART) {
							/* If so, call it again */
							ssi->tag_index = 0;
							get_tag_insert(hs);
						}
					}

#endif /* LWIP_HTTPD_SSI_MULTIPART */

					/* Do we still have insert data left to send? */
					if(ssi->tag_index < ssi->tag_insert_len) {
						/* We are sending the insert string itself. How much of the
						 * insert can we send? */
						len = (ssi->tag_insert_len - ssi->tag_index);

						/* Note that we set the copy flag here since we only have a
						 * single tag insert buffer per connection. If we don't do
						 * this, insert corruption can occur if more than one insert
						 * is processed before we call tcp_output. */
						err = http_write(pcb, &(ssi->tag_insert[ssi->tag_index]), &len,
						                 HTTP_IS_TAG_VOLATILE(hs));

						if(err == ERR_OK) {
							data_to_send = 1;
							ssi->tag_index += len;
							/* Don't return here: keep on sending data */
						}
					} else {
#if LWIP_HTTPD_SSI_MULTIPART

						if(ssi->tag_part == HTTPD_LAST_TAG_PART)
#endif /* LWIP_HTTPD_SSI_MULTIPART */
						{
							/* We have sent all the insert data so go back to looking for
							 * a new tag. */
							LWIP_DEBUGF(HTTPD_DEBUG, ("Everything sent.\n"));
							ssi->tag_index = 0;
							ssi->tag_state = TAG_NONE;
#if !LWIP_HTTPD_SSI_INCLUDE_TAG
							ssi->parsed = ssi->tag_end;
#endif /* !LWIP_HTTPD_SSI_INCLUDE_TAG*/
						}
					}

					break;

				default:
					break;
				}
		}
	}

	/* If we drop out of the end of the for loop, this implies we must have
	 * file data to send so send it now. In TAG_SENDING state, we've already
	 * handled this so skip the send if that's the case. */
	if((ssi->tag_state != TAG_SENDING) && (ssi->parsed > hs->file)) {
		len = (u16_t)LWIP_MIN(ssi->parsed - hs->file, 0xffff);

		err = http_write(pcb, hs->file, &len, HTTP_IS_DATA_VOLATILE(hs));

		if(err == ERR_OK) {
			data_to_send = 1;
			hs->file += len;
			hs->left -= len;
		}
	}

	return data_to_send;
}
#endif /* LWIP_HTTPD_SSI */

/**
 * Try to send more data on this pcb.
 *
 * @param pcb the pcb to send data
 * @param hs connection state
 */
static u8_t
http_send(struct tcp_pcb* pcb, struct http_state* hs)
{
	u8_t data_to_send = HTTP_NO_DATA_TO_SEND;

	LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("http_send: pcb=%p hs=%p left=%d\n", (void*)pcb,
	            (void*)hs, hs != NULL ? (int)hs->left : 0));

#if LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND

	if(hs->unrecved_bytes != 0) {
		return 0;
	}

#endif /* LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND */

	/* If we were passed a NULL state structure pointer, ignore the call. */
	if(hs == NULL) {
		return 0;
	}

#if LWIP_HTTPD_FS_ASYNC_READ

	/* Check if we are allowed to read from this file.
	   (e.g. SSI might want to delay sending until data is available) */
	if(!fs_is_file_ready(hs->handle, http_continue, hs)) {
		return 0;
	}

#endif /* LWIP_HTTPD_FS_ASYNC_READ */

#if LWIP_HTTPD_DYNAMIC_HEADERS

	/* Do we have any more header data to send for this file? */
	if(hs->hdr_index < NUM_FILE_HDR_STRINGS) {
		data_to_send = http_send_headers(pcb, hs);

		if((data_to_send != HTTP_DATA_TO_SEND_CONTINUE) &&
		        (hs->hdr_index < NUM_FILE_HDR_STRINGS)) {
			return data_to_send;
		}
	}

#endif /* LWIP_HTTPD_DYNAMIC_HEADERS */

	/* Have we run out of file data to send? If so, we need to read the next
	 * block from the file. */
	if(hs->left == 0) {
		if(!http_check_eof(pcb, hs)) {
			return 0;
		}
	}

#if LWIP_HTTPD_SSI

	if(hs->ssi) {
		data_to_send = http_send_data_ssi(pcb, hs);
	} else
#endif /* LWIP_HTTPD_SSI */
	{
		data_to_send = http_send_data_nonssi(pcb, hs);
	}

	if((hs->left == 0) && (fs_bytes_left(hs->handle) <= 0)) {
		/* We reached the end of the file so this request is done.
		 * This adds the FIN flag right into the last data segment. */
		LWIP_DEBUGF(HTTPD_DEBUG, ("End of file.\n"));
		http_eof(pcb, hs);
		return 0;
	}

	LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("send_data end.\n"));
	return data_to_send;
}

#if LWIP_HTTPD_SUPPORT_EXTSTATUS
/** Initialize a http connection with a file to send for an error message
 *
 * @param hs http connection state
 * @param error_nr HTTP error number
 * @return ERR_OK if file was found and hs has been initialized correctly
 *         another err_t otherwise
 */
static err_t
http_find_error_file(struct http_state* hs, u16_t error_nr)
{
	const char* uri1, *uri2, *uri3;
	err_t err;

	if(error_nr == 501) {
		uri1 = "/501.html";
		uri2 = "/501.htm";
		uri3 = "/501.shtml";
	} else {
		/* 400 (bad request is the default) */
		uri1 = "/400.html";
		uri2 = "/400.htm";
		uri3 = "/400.shtml";
	}

	err = fs_open(&hs->file_handle, uri1);

	if(err != ERR_OK) {
		err = fs_open(&hs->file_handle, uri2);

		if(err != ERR_OK) {
			err = fs_open(&hs->file_handle, uri3);

			if(err != ERR_OK) {
				LWIP_DEBUGF(HTTPD_DEBUG, ("Error page for error %"U16_F" not found\n",
				                          error_nr));
				return ERR_ARG;
			}
		}
	}

	return http_init_file(hs, &hs->file_handle, 0, NULL, 0, NULL);
}
#else /* LWIP_HTTPD_SUPPORT_EXTSTATUS */
#define http_find_error_file(hs, error_nr) ERR_ARG
#endif /* LWIP_HTTPD_SUPPORT_EXTSTATUS */

/**
 * Get the file struct for a 404 error page.
 * Tries some file names and returns NULL if none found.
 *
 * @param uri pointer that receives the actual file name URI
 * @return file struct for the error page or NULL no matching file was found
 */
static struct fs_file*
http_get_404_file(struct http_state* hs, const char** uri)
{
	err_t err;

	*uri = "/404.html";
	err = fs_open(&hs->file_handle, *uri);

	if(err != ERR_OK) {
		/* 404.html doesn't exist. Try 404.htm instead. */
		*uri = "/404.htm";
		err = fs_open(&hs->file_handle, *uri);

		if(err != ERR_OK) {
			/* 404.htm doesn't exist either. Try 404.shtml instead. */
			*uri = "/404.shtml";
			err = fs_open(&hs->file_handle, *uri);

			if(err != ERR_OK) {
				/* 404.htm doesn't exist either. Indicate to the caller that it should
				 * send back a default 404 page.
				 */
				*uri = NULL;
				return NULL;
			}
		}
	}

	return &hs->file_handle;
}

#if LWIP_HTTPD_SUPPORT_POST
static err_t
http_handle_post_finished(struct http_state* hs)
{
#if LWIP_HTTPD_POST_MANUAL_WND

	/* Prevent multiple calls to httpd_post_finished, since it might have already
	   been called before from httpd_post_data_recved(). */
	if(hs->post_finished) {
		return ERR_OK;
	}

	hs->post_finished = 1;
#endif /* LWIP_HTTPD_POST_MANUAL_WND */
	/* application error or POST finished */
	/* NULL-terminate the buffer */
	http_uri_buf[0] = 0;
	httpd_post_finished(hs, http_uri_buf, LWIP_HTTPD_URI_BUF_LEN);
	return http_find_file(hs, http_uri_buf, 0);
}

/** Pass received POST body data to the application and correctly handle
 * returning a response document or closing the connection.
 * ATTENTION: The application is responsible for the pbuf now, so don't free it!
 *
 * @param hs http connection state
 * @param p pbuf to pass to the application
 * @return ERR_OK if passed successfully, another err_t if the response file
 *         hasn't been found (after POST finished)
 */
static err_t
http_post_rxpbuf(struct http_state* hs, struct pbuf* p)
{
	err_t err;

	if(p != NULL) {
		/* adjust remaining Content-Length */
		if(hs->post_content_len_left < p->tot_len) {
			hs->post_content_len_left = 0;
		} else {
			hs->post_content_len_left -= p->tot_len;
		}
	}

#if LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND
	/* prevent connection being closed if httpd_post_data_recved() is called nested */
	hs->unrecved_bytes++;
#endif
	err = httpd_post_receive_data(hs, p);
#if LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND
	hs->unrecved_bytes--;
#endif

	if(err != ERR_OK) {
		/* Ignore remaining content in case of application error */
		hs->post_content_len_left = 0;
	}

	if(hs->post_content_len_left == 0) {
#if LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND

		if(hs->unrecved_bytes != 0) {
			return ERR_OK;
		}

#endif /* LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND */
		/* application error or POST finished */
		return http_handle_post_finished(hs);
	}

	return ERR_OK;
}

/** Handle a post request. Called from http_parse_request when method 'POST'
 * is found.
 *
 * @param p The input pbuf (containing the POST header and body).
 * @param hs The http connection state.
 * @param data HTTP request (header and part of body) from input pbuf(s).
 * @param data_len Size of 'data'.
 * @param uri The HTTP URI parsed from input pbuf(s).
 * @param uri_end Pointer to the end of 'uri' (here, the rest of the HTTP
 *                header starts).
 * @return ERR_OK: POST correctly parsed and accepted by the application.
 *         ERR_INPROGRESS: POST not completely parsed (no error yet)
 *         another err_t: Error parsing POST or denied by the application
 */
static err_t
http_post_request(struct pbuf* inp, struct http_state* hs,
                  char* data, u16_t data_len, char* uri, char* uri_end)
{
	err_t err;
	/* search for end-of-header (first double-CRLF) */
	char* crlfcrlf = lwip_strnstr(uri_end + 1, CRLF CRLF, data_len - (uri_end + 1 - data));

	if(crlfcrlf != NULL) {
		/* search for "Content-Length: " */
#define HTTP_HDR_CONTENT_LEN                "Content-Length: "
#define HTTP_HDR_CONTENT_LEN_LEN            16
#define HTTP_HDR_CONTENT_LEN_DIGIT_MAX_LEN  10
		char* scontent_len = lwip_strnstr(uri_end + 1, HTTP_HDR_CONTENT_LEN, crlfcrlf - (uri_end + 1));

		if(scontent_len != NULL) {
			char* scontent_len_end = lwip_strnstr(scontent_len + HTTP_HDR_CONTENT_LEN_LEN, CRLF, HTTP_HDR_CONTENT_LEN_DIGIT_MAX_LEN);

			if(scontent_len_end != NULL) {
				int content_len;
				char* content_len_num = scontent_len + HTTP_HDR_CONTENT_LEN_LEN;
				content_len = atoi(content_len_num);

				if(content_len == 0) {
					/* if atoi returns 0 on error, fix this */
					if((content_len_num[0] != '0') || (content_len_num[1] != '\r')) {
						content_len = -1;
					}
				}

				if(content_len >= 0) {
					/* adjust length of HTTP header passed to application */
					const char* hdr_start_after_uri = uri_end + 1;
					u16_t hdr_len = (u16_t)LWIP_MIN(data_len, crlfcrlf + 4 - data);
					u16_t hdr_data_len = (u16_t)LWIP_MIN(data_len, crlfcrlf + 4 - hdr_start_after_uri);
					u8_t post_auto_wnd = 1;
					http_uri_buf[0] = 0;
					/* trim http header */
					*crlfcrlf = 0;
					err = httpd_post_begin(hs, uri, hdr_start_after_uri, hdr_data_len, content_len,
					                       http_uri_buf, LWIP_HTTPD_URI_BUF_LEN, &post_auto_wnd);

					if(err == ERR_OK) {
						/* try to pass in data of the first pbuf(s) */
						struct pbuf* q = inp;
						u16_t start_offset = hdr_len;
#if LWIP_HTTPD_POST_MANUAL_WND
						hs->no_auto_wnd = !post_auto_wnd;
#endif /* LWIP_HTTPD_POST_MANUAL_WND */
						/* set the Content-Length to be received for this POST */
						hs->post_content_len_left = (u32_t)content_len;

						/* get to the pbuf where the body starts */
						while((q != NULL) && (q->len <= start_offset)) {
							start_offset -= q->len;
							q = q->next;
						}

						if(q != NULL) {
							/* hide the remaining HTTP header */
							pbuf_header(q, -(s16_t)start_offset);
#if LWIP_HTTPD_POST_MANUAL_WND

							if(!post_auto_wnd) {
								/* already tcp_recved() this data... */
								hs->unrecved_bytes = q->tot_len;
							}

#endif /* LWIP_HTTPD_POST_MANUAL_WND */
							pbuf_ref(q);
							return http_post_rxpbuf(hs, q);
						} else if(hs->post_content_len_left == 0) {
							q = pbuf_alloc(PBUF_RAW, 0, PBUF_REF);
							return http_post_rxpbuf(hs, q);
						} else {
							return ERR_OK;
						}
					} else {
						/* return file passed from application */
						return http_find_file(hs, http_uri_buf, 0);
					}
				} else {
					LWIP_DEBUGF(HTTPD_DEBUG, ("POST received invalid Content-Length: %s\n",
					                          content_len_num));
					return ERR_ARG;
				}
			}
		}

		/* If we come here, headers are fully received (double-crlf), but Content-Length
		   was not included. Since this is currently the only supported method, we have
		   to fail in this case! */
		LWIP_DEBUGF(HTTPD_DEBUG, ("Error when parsing Content-Length\n"));
		return ERR_ARG;
	}

	/* if we come here, the POST is incomplete */
#if LWIP_HTTPD_SUPPORT_REQUESTLIST
	return ERR_INPROGRESS;
#else /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
	return ERR_ARG;
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
}

#if LWIP_HTTPD_POST_MANUAL_WND
/** A POST implementation can call this function to update the TCP window.
 * This can be used to throttle data reception (e.g. when received data is
 * programmed to flash and data is received faster than programmed).
 *
 * @param connection A connection handle passed to httpd_post_begin for which
 *        httpd_post_finished has *NOT* been called yet!
 * @param recved_len Length of data received (for window update)
 */
void httpd_post_data_recved(void* connection, u16_t recved_len)
{
	struct http_state* hs = (struct http_state*)connection;

	if(hs != NULL) {
		if(hs->no_auto_wnd) {
			u16_t len = recved_len;

			if(hs->unrecved_bytes >= recved_len) {
				hs->unrecved_bytes -= recved_len;
			} else {
				LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_LEVEL_WARNING, ("httpd_post_data_recved: recved_len too big\n"));
				len = (u16_t)hs->unrecved_bytes;
				hs->unrecved_bytes = 0;
			}

			if(hs->pcb != NULL) {
				if(len != 0) {
					tcp_recved(hs->pcb, len);
				}

				if((hs->post_content_len_left == 0) && (hs->unrecved_bytes == 0)) {
					/* finished handling POST */
					http_handle_post_finished(hs);
					http_send(hs->pcb, hs);
				}
			}
		}
	}
}
#endif /* LWIP_HTTPD_POST_MANUAL_WND */

#endif /* LWIP_HTTPD_SUPPORT_POST */

#if LWIP_HTTPD_FS_ASYNC_READ
/** Try to send more data if file has been blocked before
 * This is a callback function passed to fs_read_async().
 */
static void
http_continue(void* connection)
{
	struct http_state* hs = (struct http_state*)connection;

	if(hs && (hs->pcb) && (hs->handle)) {
		LWIP_ASSERT("hs->pcb != NULL", hs->pcb != NULL);
		LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("httpd_continue: try to send more data\n"));

		if(http_send(hs->pcb, hs)) {
			/* If we wrote anything to be sent, go ahead and send it now. */
			LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("tcp_output\n"));
			tcp_output(hs->pcb);
		}
	}
}
#endif /* LWIP_HTTPD_FS_ASYNC_READ */

/**
 * When data has been received in the correct state, try to parse it
 * as a HTTP request.
 *
 * @param inp the received pbuf
 * @param hs the connection state
 * @param pcb the tcp_pcb which received this packet
 * @return ERR_OK if request was OK and hs has been initialized correctly
 *         ERR_INPROGRESS if request was OK so far but not fully received
 *         another err_t otherwise
 */
static err_t
http_parse_request(struct pbuf* inp, struct http_state* hs, struct tcp_pcb* pcb)
{
	char* data;
	char* crlf;
	u16_t data_len;
	struct pbuf* p = inp;
#if LWIP_HTTPD_SUPPORT_REQUESTLIST
	u16_t clen;
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
#if LWIP_HTTPD_SUPPORT_POST
	err_t err;
#endif /* LWIP_HTTPD_SUPPORT_POST */

	LWIP_UNUSED_ARG(pcb); /* only used for post */
	LWIP_ASSERT("p != NULL", p != NULL);
	LWIP_ASSERT("hs != NULL", hs != NULL);

	if((hs->handle != NULL) || (hs->file != NULL)) {
		LWIP_DEBUGF(HTTPD_DEBUG, ("Received data while sending a file\n"));
		/* already sending a file */
		/* @todo: abort? */
		return ERR_USE;
	}

#if LWIP_HTTPD_SUPPORT_REQUESTLIST

	LWIP_DEBUGF(HTTPD_DEBUG, ("Received %"U16_F" bytes\n", p->tot_len));

	/* first check allowed characters in this pbuf? */

	/* enqueue the pbuf */
	if(hs->req == NULL) {
		LWIP_DEBUGF(HTTPD_DEBUG, ("First pbuf\n"));
		hs->req = p;
	} else {
		LWIP_DEBUGF(HTTPD_DEBUG, ("pbuf enqueued\n"));
		pbuf_cat(hs->req, p);
	}

	/* increase pbuf ref counter as it is freed when we return but we want to
	   keep it on the req list */
	pbuf_ref(p);

	if(hs->req->next != NULL) {
		data_len = LWIP_MIN(hs->req->tot_len, LWIP_HTTPD_MAX_REQ_LENGTH);
		pbuf_copy_partial(hs->req, httpd_req_buf, data_len, 0);
		data = httpd_req_buf;
	} else
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
	{
		data = (char*)p->payload;
		data_len = p->len;

		if(p->len != p->tot_len) {
			LWIP_DEBUGF(HTTPD_DEBUG, ("Warning: incomplete header due to chained pbufs\n"));
		}
	}

	/* received enough data for minimal request? */
	if(data_len >= MIN_REQ_LEN) {
		/* wait for CRLF before parsing anything */
		crlf = lwip_strnstr(data, CRLF, data_len);

		if(crlf != NULL) {
#if LWIP_HTTPD_SUPPORT_POST
			int is_post = 0;
#endif /* LWIP_HTTPD_SUPPORT_POST */
			int is_09 = 0;
			char* sp1, *sp2;
			u16_t left_len, uri_len;
			LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("CRLF received, parsing request\n"));

			/* parse method */
			if(!strncmp(data, "GET ", 4)) {
				sp1 = data + 3;
				/* received GET request */
				LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Received GET request\"\n"));
#if LWIP_HTTPD_SUPPORT_POST
			} else if(!strncmp(data, "POST ", 5)) {
				/* store request type */
				is_post = 1;
				sp1 = data + 4;
				/* received GET request */
				LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Received POST request\n"));
#endif /* LWIP_HTTPD_SUPPORT_POST */
			} else {
				/* null-terminate the METHOD (pbuf is freed anyway wen returning) */
				data[4] = 0;
				/* unsupported method! */
				LWIP_DEBUGF(HTTPD_DEBUG, ("Unsupported request method (not implemented): \"%s\"\n",
				                          data));
				return http_find_error_file(hs, 501);
			}

			/* if we come here, method is OK, parse URI */
			left_len = (u16_t)(data_len - ((sp1 + 1) - data));
			sp2 = lwip_strnstr(sp1 + 1, " ", left_len);
#if LWIP_HTTPD_SUPPORT_V09

			if(sp2 == NULL) {
				/* HTTP 0.9: respond with correct protocol version */
				sp2 = lwip_strnstr(sp1 + 1, CRLF, left_len);
				is_09 = 1;
#if LWIP_HTTPD_SUPPORT_POST

				if(is_post) {
					/* HTTP/0.9 does not support POST */
					goto badrequest;
				}

#endif /* LWIP_HTTPD_SUPPORT_POST */
			}

#endif /* LWIP_HTTPD_SUPPORT_V09 */
			uri_len = (u16_t)(sp2 - (sp1 + 1));

			if((sp2 != 0) && (sp2 > sp1)) {
				/* wait for CRLFCRLF (indicating end of HTTP headers) before parsing anything */
				if(lwip_strnstr(data, CRLF CRLF, data_len) != NULL) {
					char* uri = sp1 + 1;
#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE

					/* This is HTTP/1.0 compatible: for strict 1.1, a connection
					   would always be persistent unless "close" was specified. */
					if(!is_09 && (lwip_strnstr(data, HTTP11_CONNECTIONKEEPALIVE, data_len) ||
					              lwip_strnstr(data, HTTP11_CONNECTIONKEEPALIVE2, data_len))) {
						hs->keepalive = 1;
					} else {
						hs->keepalive = 0;
					}

#endif /* LWIP_HTTPD_SUPPORT_11_KEEPALIVE */
					/* null-terminate the METHOD (pbuf is freed anyway wen returning) */
					*sp1 = 0;
					uri[uri_len] = 0;
					LWIP_DEBUGF(HTTPD_DEBUG, ("Received \"%s\" request for URI: \"%s\"\n",
					                          data, uri));
#if LWIP_HTTPD_SUPPORT_POST

					if(is_post) {
#if LWIP_HTTPD_SUPPORT_REQUESTLIST
						struct pbuf* q = hs->req;
#else /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
						struct pbuf* q = inp;
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
						err = http_post_request(q, hs, data, data_len, uri, sp2);

						if(err != ERR_OK) {
							/* restore header for next try */
							*sp1 = ' ';
							*sp2 = ' ';
							uri[uri_len] = ' ';
						}

						if(err == ERR_ARG) {
							goto badrequest;
						}

						return err;
					} else
#endif /* LWIP_HTTPD_SUPPORT_POST */
					{
						return http_find_file(hs, uri, is_09);
					}
				}
			} else {
				LWIP_DEBUGF(HTTPD_DEBUG, ("invalid URI\n"));
			}
		}
	}

#if LWIP_HTTPD_SUPPORT_REQUESTLIST
	clen = pbuf_clen(hs->req);

	if((hs->req->tot_len <= LWIP_HTTPD_REQ_BUFSIZE) &&
	        (clen <= LWIP_HTTPD_REQ_QUEUELEN)) {
		/* request not fully received (too short or CRLF is missing) */
		return ERR_INPROGRESS;
	} else
#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
	{
#if LWIP_HTTPD_SUPPORT_POST
badrequest:
#endif /* LWIP_HTTPD_SUPPORT_POST */
		LWIP_DEBUGF(HTTPD_DEBUG, ("bad request\n"));
		/* could not parse request */
		return http_find_error_file(hs, 400);
	}
}

/** Try to find the file specified by uri and, if found, initialize hs
 * accordingly.
 *
 * @param hs the connection state
 * @param uri the HTTP header URI
 * @param is_09 1 if the request is HTTP/0.9 (no HTTP headers in response)
 * @return ERR_OK if file was found and hs has been initialized correctly
 *         another err_t otherwise
 */
static err_t
http_find_file(struct http_state* hs, const char* uri, int is_09)
{
	size_t loop;
	struct fs_file* file = NULL;
	char* params = NULL;
	err_t err;
#if LWIP_HTTPD_CGI
	int i;
#endif /* LWIP_HTTPD_CGI */
#if !LWIP_HTTPD_SSI
	const
#endif /* !LWIP_HTTPD_SSI */
	/* By default, assume we will not be processing server-side-includes tags */
	u8_t tag_check = 0;

	/* Have we been asked for the default file (in root or a directory) ? */
#if LWIP_HTTPD_MAX_REQUEST_URI_LEN
	size_t uri_len = strlen(uri);

	if((uri_len > 0) && (uri[uri_len - 1] == '/') &&
	        ((uri != http_uri_buf) || (uri_len == 1))) {
		size_t copy_len = LWIP_MIN(sizeof(http_uri_buf) - 1, uri_len - 1);

		if(copy_len > 0) {
			MEMCPY(http_uri_buf, uri, copy_len);
			http_uri_buf[copy_len] = 0;
		}

#else /* LWIP_HTTPD_MAX_REQUEST_URI_LEN */

	if((uri[0] == '/') && (uri[1] == 0)) {
#endif /* LWIP_HTTPD_MAX_REQUEST_URI_LEN */

		/* Try each of the configured default filenames until we find one
		   that exists. */
		for(loop = 0; loop < NUM_DEFAULT_FILENAMES; loop++) {
			const char* file_name;
#if LWIP_HTTPD_MAX_REQUEST_URI_LEN

			if(copy_len > 0) {
				size_t len_left = sizeof(http_uri_buf) - copy_len - 1;

				if(len_left > 0) {
					size_t name_len = strlen(g_psDefaultFilenames[loop].name);
					size_t name_copy_len = LWIP_MIN(len_left, name_len);
					MEMCPY(&http_uri_buf[copy_len], g_psDefaultFilenames[loop].name, name_copy_len);
				}

				file_name = http_uri_buf;
			} else
#endif /* LWIP_HTTPD_MAX_REQUEST_URI_LEN */
			{
				file_name = g_psDefaultFilenames[loop].name;
			}

			LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Looking for %s...\n", file_name));
			err = fs_open(&hs->file_handle, file_name);

			if(err == ERR_OK) {
				uri = file_name;
				file = &hs->file_handle;
				LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Opened.\n"));
#if LWIP_HTTPD_SSI
				tag_check = g_psDefaultFilenames[loop].shtml;
#endif /* LWIP_HTTPD_SSI */
				break;
			}
		}
	}

	if(file == NULL) {
		/* No - we've been asked for a specific file. */
		/* First, isolate the base URI (without any parameters) */
		params = (char*)strchr(uri, '?');

		if(params != NULL) {
			/* URI contains parameters. NULL-terminate the base URI */
			*params = '\0';
			params++;
		}

#if LWIP_HTTPD_CGI
		http_cgi_paramcount = -1;

		/* Does the base URI we have isolated correspond to a CGI handler? */
		if(g_iNumCGIs && g_pCGIs) {
			for(i = 0; i < g_iNumCGIs; i++) {
				if(strcmp(uri, g_pCGIs[i].pcCGIName) == 0) {
					/*
					 * We found a CGI that handles this URI so extract the
					 * parameters and call the handler.
					 */
					http_cgi_paramcount = extract_uri_parameters(hs, params);
					uri = g_pCGIs[i].pfnCGIHandler(i, http_cgi_paramcount, hs->params,
					                               hs->param_vals);
					break;
				}
			}
		}

#endif /* LWIP_HTTPD_CGI */

		LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("Opening %s\n", uri));

		err = fs_open(&hs->file_handle, uri);

		if(err == ERR_OK) {
			file = &hs->file_handle;
		} else {
			file = http_get_404_file(hs, &uri);
		}

#if LWIP_HTTPD_SSI

		if(file != NULL) {
			/* See if we have been asked for an shtml file and, if so,
			   enable tag checking. */
			const char* ext = NULL, *sub;
			char* param = (char*)strstr(uri, "?");

			if(param != NULL) {
				/* separate uri from parameters for now, set back later */
				*param = 0;
			}

			sub = uri;
			ext = uri;

			for(sub = strstr(sub, "."); sub != NULL; sub = strstr(sub, ".")) {
				ext = sub;
				sub++;
			}

			tag_check = 0;

			for(loop = 0; loop < NUM_SHTML_EXTENSIONS; loop++) {
				if(!lwip_stricmp(ext, g_pcSSIExtensions[loop])) {
					tag_check = 1;
					break;
				}
			}

			if(param != NULL) {
				*param = '?';
			}
		}

#endif /* LWIP_HTTPD_SSI */
	}

	if(file == NULL) {
		/* None of the default filenames exist so send back a 404 page */
		file = http_get_404_file(hs, &uri);
	}

	return http_init_file(hs, file, is_09, uri, tag_check, params);
}

/** Initialize a http connection with a file to send (if found).
 * Called by http_find_file and http_find_error_file.
 *
 * @param hs http connection state
 * @param file file structure to send (or NULL if not found)
 * @param is_09 1 if the request is HTTP/0.9 (no HTTP headers in response)
 * @param uri the HTTP header URI
 * @param tag_check enable SSI tag checking
 * @param params != NULL if URI has parameters (separated by '?')
 * @return ERR_OK if file was found and hs has been initialized correctly
 *         another err_t otherwise
 */
static err_t
http_init_file(struct http_state* hs, struct fs_file* file, int is_09, const char* uri,
               u8_t tag_check, char* params)
{
	if(file != NULL) {
		/* file opened, initialise struct http_state */
#if LWIP_HTTPD_SSI
		if(tag_check) {
			struct http_ssi_state* ssi = http_ssi_state_alloc();

			if(ssi != NULL) {
				ssi->tag_index = 0;
				ssi->tag_state = TAG_NONE;
				ssi->parsed = file->data;
				ssi->parse_left = file->len;
				ssi->tag_end = file->data;
				hs->ssi = ssi;
			}
		}

#else /* LWIP_HTTPD_SSI */
		LWIP_UNUSED_ARG(tag_check);
#endif /* LWIP_HTTPD_SSI */
		hs->handle = file;
		hs->file = file->data;
		LWIP_ASSERT("File length must be positive!", (file->len >= 0));
#if LWIP_HTTPD_CUSTOM_FILES

		if(file->is_custom_file && (file->data == NULL)) {
			/* custom file, need to read data first (via fs_read_custom) */
			hs->left = 0;
		} else
#endif /* LWIP_HTTPD_CUSTOM_FILES */
		{
			hs->left = file->len;
		}

		hs->retries = 0;
#if LWIP_HTTPD_TIMING
		hs->time_started = sys_now();
#endif /* LWIP_HTTPD_TIMING */
#if !LWIP_HTTPD_DYNAMIC_HEADERS
		LWIP_ASSERT("HTTP headers not included in file system",
		            (hs->handle->flags & FS_FILE_FLAGS_HEADER_INCLUDED) != 0);
#endif /* !LWIP_HTTPD_DYNAMIC_HEADERS */
#if LWIP_HTTPD_SUPPORT_V09

		if(is_09 && ((hs->handle->flags & FS_FILE_FLAGS_HEADER_INCLUDED) != 0)) {
			/* HTTP/0.9 responses are sent without HTTP header,
			   search for the end of the header. */
			char* file_start = lwip_strnstr(hs->file, CRLF CRLF, hs->left);

			if(file_start != NULL) {
				size_t diff = file_start + 4 - hs->file;
				hs->file += diff;
				hs->left -= (u32_t)diff;
			}
		}

#endif /* LWIP_HTTPD_SUPPORT_V09*/
#if LWIP_HTTPD_CGI_SSI

		if(params != NULL) {
			/* URI contains parameters, call generic CGI handler */
			int count;
#if LWIP_HTTPD_CGI

			if(http_cgi_paramcount >= 0) {
				count = http_cgi_paramcount;
			} else
#endif
			{
				count = extract_uri_parameters(hs, params);
			}

			httpd_cgi_handler(uri, count, http_cgi_params, http_cgi_param_vals
#if defined(LWIP_HTTPD_FILE_STATE) && LWIP_HTTPD_FILE_STATE
			                  , hs->handle->state
#endif /* LWIP_HTTPD_FILE_STATE */
			                 );
		}

#else /* LWIP_HTTPD_CGI_SSI */
		LWIP_UNUSED_ARG(params);
#endif /* LWIP_HTTPD_CGI_SSI */
	} else {
		hs->handle = NULL;
		hs->file = NULL;
		hs->left = 0;
		hs->retries = 0;
	}

#if LWIP_HTTPD_DYNAMIC_HEADERS

	/* Determine the HTTP headers to send based on the file extension of
	 * the requested URI. */
	if((hs->handle == NULL) || ((hs->handle->flags & FS_FILE_FLAGS_HEADER_INCLUDED) == 0)) {
		get_http_headers(hs, uri);
	}

#else /* LWIP_HTTPD_DYNAMIC_HEADERS */
	LWIP_UNUSED_ARG(uri);
#endif /* LWIP_HTTPD_DYNAMIC_HEADERS */
#if LWIP_HTTPD_SUPPORT_11_KEEPALIVE

	if(hs->keepalive) {
#if LWIP_HTTPD_SSI

		if(hs->ssi != NULL) {
			hs->keepalive = 0;
		} else
#endif /* LWIP_HTTPD_SSI */
		{
			if((hs->handle != NULL) &&
			        ((hs->handle->flags & (FS_FILE_FLAGS_HEADER_INCLUDED | FS_FILE_FLAGS_HEADER_PERSISTENT)) == FS_FILE_FLAGS_HEADER_INCLUDED)) {
				hs->keepalive = 0;
			}
		}
	}

#endif /* LWIP_HTTPD_SUPPORT_11_KEEPALIVE */
	return ERR_OK;
}

/**
 * The pcb had an error and is already deallocated.
 * The argument might still be valid (if != NULL).
 */
static void
http_err(void* arg, err_t err)
{
	struct http_state* hs = (struct http_state*)arg;
	LWIP_UNUSED_ARG(err);

	LWIP_DEBUGF(HTTPD_DEBUG, ("http_err: %s", lwip_strerr(err)));

	if(hs != NULL) {
		http_state_free(hs);
	}
}

/**
 * Data has been sent and acknowledged by the remote host.
 * This means that more data can be sent.
 */
static err_t
http_sent(void* arg, struct tcp_pcb* pcb, u16_t len)
{
	struct http_state* hs = (struct http_state*)arg;

	LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("http_sent %p\n", (void*)pcb));

	LWIP_UNUSED_ARG(len);

	if(hs == NULL) {
		return ERR_OK;
	}

	hs->retries = 0;

	http_send(pcb, hs);

	return ERR_OK;
}

/**
 * The poll function is called every 2nd second.
 * If there has been no data sent (which resets the retries) in 8 seconds, close.
 * If the last portion of a file has not been sent in 2 seconds, close.
 *
 * This could be increased, but we don't want to waste resources for bad connections.
 */
static err_t
http_poll(void* arg, struct tcp_pcb* pcb)
{
	struct http_state* hs = (struct http_state*)arg;
	LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("http_poll: pcb=%p hs=%p pcb_state=%s\n",
	            (void*)pcb, (void*)hs, tcp_debug_state_str(pcb->state)));

	if(hs == NULL) {
		err_t closed;
		/* arg is null, close. */
		LWIP_DEBUGF(HTTPD_DEBUG, ("http_poll: arg is NULL, close\n"));
		closed = http_close_conn(pcb, NULL);
		LWIP_UNUSED_ARG(closed);
#if LWIP_HTTPD_ABORT_ON_CLOSE_MEM_ERROR

		if(closed == ERR_MEM) {
			tcp_abort(pcb);
			return ERR_ABRT;
		}

#endif /* LWIP_HTTPD_ABORT_ON_CLOSE_MEM_ERROR */
		return ERR_OK;
	} else {
		hs->retries++;

		if(hs->retries == HTTPD_MAX_RETRIES) {
			LWIP_DEBUGF(HTTPD_DEBUG, ("http_poll: too many retries, close\n"));
			http_close_conn(pcb, hs);
			return ERR_OK;
		}

		/* If this connection has a file open, try to send some more data. If
		 * it has not yet received a GET request, don't do this since it will
		 * cause the connection to close immediately. */
		if(hs && (hs->handle)) {
			LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("http_poll: try to send more data\n"));

			if(http_send(pcb, hs)) {
				/* If we wrote anything to be sent, go ahead and send it now. */
				LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("tcp_output\n"));
				tcp_output(pcb);
			}
		}
	}

	return ERR_OK;
}

/**
 * Data has been received on this pcb.
 * For HTTP 1.0, this should normally only happen once (if the request fits in one packet).
 */
static err_t
http_recv(void* arg, struct tcp_pcb* pcb, struct pbuf* p, err_t err)
{
	struct http_state* hs = (struct http_state*)arg;
	LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("http_recv: pcb=%p pbuf=%p err=%s\n", (void*)pcb,
	            (void*)p, lwip_strerr(err)));

	if((err != ERR_OK) || (p == NULL) || (hs == NULL)) {
		/* error or closed by other side? */
		if(p != NULL) {
			/* Inform TCP that we have taken the data. */
			tcp_recved(pcb, p->tot_len);
			pbuf_free(p);
		}

		if(hs == NULL) {
			/* this should not happen, only to be robust */
			LWIP_DEBUGF(HTTPD_DEBUG, ("Error, http_recv: hs is NULL, close\n"));
		}

		http_close_conn(pcb, hs);
		return ERR_OK;
	}

#if LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND

	if(hs->no_auto_wnd) {
		hs->unrecved_bytes += p->tot_len;
	} else
#endif /* LWIP_HTTPD_SUPPORT_POST && LWIP_HTTPD_POST_MANUAL_WND */
	{
		/* Inform TCP that we have taken the data. */
		tcp_recved(pcb, p->tot_len);
	}

#if LWIP_HTTPD_SUPPORT_POST

	if(hs->post_content_len_left > 0) {
		/* reset idle counter when POST data is received */
		hs->retries = 0;
		/* this is data for a POST, pass the complete pbuf to the application */
		http_post_rxpbuf(hs, p);

		/* pbuf is passed to the application, don't free it! */
		if(hs->post_content_len_left == 0) {
			/* all data received, send response or close connection */
			http_send(pcb, hs);
		}

		return ERR_OK;
	} else
#endif /* LWIP_HTTPD_SUPPORT_POST */
	{
		if(hs->handle == NULL) {
			err_t parsed = http_parse_request(p, hs, pcb);
			LWIP_ASSERT("http_parse_request: unexpected return value", parsed == ERR_OK
			            || parsed == ERR_INPROGRESS || parsed == ERR_ARG || parsed == ERR_USE);
#if LWIP_HTTPD_SUPPORT_REQUESTLIST

			if(parsed != ERR_INPROGRESS) {
				/* request fully parsed or error */
				if(hs->req != NULL) {
					pbuf_free(hs->req);
					hs->req = NULL;
				}
			}

#endif /* LWIP_HTTPD_SUPPORT_REQUESTLIST */
			pbuf_free(p);

			if(parsed == ERR_OK) {
#if LWIP_HTTPD_SUPPORT_POST

				if(hs->post_content_len_left == 0)
#endif /* LWIP_HTTPD_SUPPORT_POST */
				{
					LWIP_DEBUGF(HTTPD_DEBUG | LWIP_DBG_TRACE, ("http_recv: data %p len %"S32_F"\n", (const void*)hs->file, hs->left));
					http_send(pcb, hs);
				}
			} else if(parsed == ERR_ARG) {
				/* @todo: close on ERR_USE? */
				http_close_conn(pcb, hs);
			}
		} else {
			LWIP_DEBUGF(HTTPD_DEBUG, ("http_recv: already sending data\n"));
			/* already sending but still receiving data, we might want to RST here? */
			pbuf_free(p);
		}
	}

	return ERR_OK;
}

/**
 * A new incoming connection has been accepted.
 */
static err_t
http_accept(void* arg, struct tcp_pcb* pcb, err_t err)
{
	struct http_state* hs;
	LWIP_UNUSED_ARG(err);
	LWIP_UNUSED_ARG(arg);
	LWIP_DEBUGF(HTTPD_DEBUG, ("http_accept %p / %p\n", (void*)pcb, arg));

	if((err != ERR_OK) || (pcb == NULL)) {
		return ERR_VAL;
	}

	/* Set priority */
	tcp_setprio(pcb, HTTPD_TCP_PRIO);

	/* Allocate memory for the structure that holds the state of the
	   connection - initialized by that function. */
	hs = http_state_alloc();

	if(hs == NULL) {
		LWIP_DEBUGF(HTTPD_DEBUG, ("http_accept: Out of memory, RST\n"));
		return ERR_MEM;
	}

	hs->pcb = pcb;

	/* Tell TCP that this is the structure we wish to be passed for our
	   callbacks. */
	tcp_arg(pcb, hs);

	/* Set up the various callback functions */
	tcp_recv(pcb, http_recv);
	tcp_err(pcb, http_err);
	tcp_poll(pcb, http_poll, HTTPD_POLL_INTERVAL);
	tcp_sent(pcb, http_sent);

	return ERR_OK;
}

/**
 * @ingroup httpd
 * Initialize the httpd: set up a listening PCB and bind it to the defined port
 */
void
httpd_init(void)
{
	struct tcp_pcb* pcb;
	err_t err;

#if HTTPD_USE_MEM_POOL
	LWIP_MEMPOOL_INIT(HTTPD_STATE);
#if LWIP_HTTPD_SSI
	LWIP_MEMPOOL_INIT(HTTPD_SSI_STATE);
#endif
#endif
	LWIP_DEBUGF(HTTPD_DEBUG, ("httpd_init\n"));

	pcb = tcp_new_ip_type(IPADDR_TYPE_ANY);
	LWIP_ASSERT("httpd_init: tcp_new failed", pcb != NULL);
	tcp_setprio(pcb, HTTPD_TCP_PRIO);
	/* set SOF_REUSEADDR here to explicitly bind httpd to multiple interfaces */
	err = tcp_bind(pcb, IP_ANY_TYPE, HTTPD_SERVER_PORT);
	LWIP_UNUSED_ARG(err); /* in case of LWIP_NOASSERT */
	LWIP_ASSERT("httpd_init: tcp_bind failed", err == ERR_OK);
	pcb = tcp_listen(pcb);
	LWIP_ASSERT("httpd_init: tcp_listen failed", pcb != NULL);
	tcp_accept(pcb, http_accept);
}

#if LWIP_HTTPD_SSI
/**
 * Set the SSI handler function.
 *
 * @param ssi_handler the SSI handler function
 * @param tags an array of SSI tag strings to search for in SSI-enabled files
 * @param num_tags number of tags in the 'tags' array
 */
void
http_set_ssi_handler(tSSIHandler ssi_handler, const char** tags, int num_tags)
{
	LWIP_DEBUGF(HTTPD_DEBUG, ("http_set_ssi_handler\n"));

	LWIP_ASSERT("no ssi_handler given", ssi_handler != NULL);
	g_pfnSSIHandler = ssi_handler;

#if LWIP_HTTPD_SSI_RAW
	LWIP_UNUSED_ARG(tags);
	LWIP_UNUSED_ARG(num_tags);
#else /* LWIP_HTTPD_SSI_RAW */
	LWIP_ASSERT("no tags given", tags != NULL);
	LWIP_ASSERT("invalid number of tags", num_tags > 0);

	g_ppcTags = tags;
	g_iNumTags = num_tags;
#endif /* !LWIP_HTTPD_SSI_RAW */
}
#endif /* LWIP_HTTPD_SSI */

#if LWIP_HTTPD_CGI
/**
 * Set an array of CGI filenames/handler functions
 *
 * @param cgis an array of CGI filenames/handler functions
 * @param num_handlers number of elements in the 'cgis' array
 */
void
http_set_cgi_handlers(const tCGI* cgis, int num_handlers)
{
	LWIP_ASSERT("no cgis given", cgis != NULL);
	LWIP_ASSERT("invalid number of handlers", num_handlers > 0);

	g_pCGIs = cgis;
	g_iNumCGIs = num_handlers;
}
#endif /* LWIP_HTTPD_CGI */

#endif /* LWIP_TCP && LWIP_CALLBACK_API */
